}
// Reply ("response") submission for answer $aid. This branch runs only when
// check_submit() accepts the posted submit flag and form hash.
if (check_submit($_POST['dosubmit'], $_POST['formhash'])) {
    // Timestamp of today's date at 00:00; stored with each reply and used
    // below as the per-day bucket for the posting limit.
    $days = strtotime(date("Y-m-d"));
    if (empty($_POST['content'])) {
        show_message('response_null', '');
        exit;
    }
    // Count today's replies to this answer: by user id when $cyask_user is
    // set, otherwise by client IP.
    // NOTE(review): $aid, $cyask_uid and $onlineip are interpolated straight
    // into the SQL text and are assigned outside this excerpt -- confirm that
    // $aid is cast to an integer and that $onlineip is validated as an IP
    // address and is not copied from a client-supplied header; otherwise the
    // per-IP limit can be sidestepped and the query text altered.
    if ($cyask_user) {
        $query = $dblink->query("SELECT count(*) FROM {$tablepre}res WHERE aid={$aid} AND uid={$cyask_uid} AND days={$days}");
    } else {
        $query = $dblink->query("SELECT count(*) FROM {$tablepre}res WHERE aid={$aid} AND uip='{$onlineip}' AND days={$days}");
    }
    // More than 3 rows already counted for today: refuse the new reply.
    if ($dblink->result($query, 0) > 3) {
        show_message('response_more', '');
        exit;
    } else {
        // NOTE(review): assumes filters_content() returns text that is safe
        // inside a quoted SQL literal -- verify against its definition.
        $content = filters_content($_POST['content']);
        // NOTE(review): uid={$cyask_uid} is unquoted, so the by-IP path relies
        // on $cyask_uid still holding a number (e.g. 0) -- confirm.
        $dblink->query("INSERT INTO {$tablepre}res set aid={$aid},uid={$cyask_uid},username='******',uip='{$onlineip}',content='{$content}',time={$timestamp},days={$days}");
        // Keep the answer's reply counter in step with the new row.
        $dblink->query("UPDATE {$tablepre}answer SET response=response+1 WHERE aid={$aid}");
        // Send the browser back through signal.php to the referring page.
        // NOTE(review): $referer is placed unencoded in the url= parameter;
        // get_referer() is defined elsewhere -- confirm signal.php validates
        // url before redirecting to it.
        $referer = get_referer('./') . '#response';
        header("location:signal.php?resultno=111&url={$referer}");
        exit;
    }
} else {
    // check_submit() rejected the request.
    show_message('url_error', './');
    exit;
}
// The brace below closes a block opened before this excerpt.
} else {
    show_message('action_error', './');
    exit;
}
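show_message('class_error', '');
exit;
}

// Score the asker offers for this question, taken from the form as an integer.
$give_score = intval($_POST['givescore']);
if ($give_score) {
    $my_score = get_score($cyask_uid);
    // intval() lets a negative number through. A negative offer would pass a
    // plain "more than my balance" test and then be handed to update_score()
    // with '-', so it is rejected here together with offers above the balance.
    if ($give_score < 0 || $give_score > $my_score) {
        show_message('score_error', '');
        exit;
    }
}

// NOTE(review): filters_title() and filters_content() are defined elsewhere;
// the queries below assume their output is safe inside a quoted SQL literal,
// and that $sid, $sid1, $sid2 and $sid3 (set before this excerpt) are integers
// -- verify both.
$ques_title = filters_title($_POST['qtitle']);
$ques_supplement = filters_content($_POST['qsupply']);
// Checkbox-style flag: any non-empty value means "hide the answer".
$ques_hidanswer = empty($_POST['hidanswer']) ? 0 : 1;
$overdue_days = intval($overdue_days);
// The question expires $overdue_days days (86400 seconds each) after now.
$endtime = $timestamp + $overdue_days * 86400;

$sql = "INSERT INTO {$tablepre}question SET sid='{$sid}',sid1='{$sid1}',sid2='{$sid2}',sid3='{$sid3}',uid='{$cyask_uid}',username='******',title='{$ques_title}',score='{$give_score}',asktime='{$timestamp}',endtime='{$endtime}',hidanswer='{$ques_hidanswer}'";
// Stop if the question row was not written: without this guard $qid stays
// undefined and the supplement row below would be inserted with an empty qid.
if (!$dblink->query($sql)) {
    show_message('ask_error', 'ask.php?word=' . $word);
    exit;
}
$qid = $dblink->insert_id();

// Deduct the offered score only once the question exists, so a failed insert
// does not cost the asker their score.
if ($give_score) {
    update_score($cyask_uid, $give_score, '-');
}

// The long supplement text lives in a separate table keyed by qid.
$do = $dblink->query("INSERT INTO {$tablepre}question_1 SET qid='{$qid}',supplement='{$ques_supplement}'");
if ($do) {
    // NOTE(review): $url is set before this excerpt and goes unencoded into
    // the url= parameter -- confirm signal.php validates it before use.
    header("location:signal.php?resultno=101&url={$url}");
    exit;
} else {
    show_message('ask_error', 'ask.php?word=' . $word);
    exit;
}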
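} else {
    // Map the selected category row onto the three-level sid1/sid2/sid3 path;
    // the grade 1 case is handled before this excerpt.
    if ($sids['grade'] == 2) {
        $sid1 = $sids['sid1'];
        $sid2 = $sids['sid'];
        $sid3 = 0;
    } else {
        if ($sids['grade'] == 3) {
            $sid1 = $sids['sid1'];
            $sid2 = $sids['sid2'];
            $sid3 = $sids['sid'];
        }
    }
}
$qid = intval($_POST['qid']);
// NOTE(review): filters_title() and filters_content() are defined elsewhere;
// the updates below assume their output is safe inside a quoted SQL literal.
// $cid is assigned before this excerpt -- confirm it is cast to an integer.
$title = filters_title($_POST['title']);
$supplement = filters_content($_POST['supplement']);
$dblink->query("UPDATE {$tablepre}question SET sid='{$cid}',sid1='{$sid1}',sid2='{$sid2}',sid3='{$sid3}',title='{$title}' WHERE qid={$qid}");
$dblink->query("UPDATE {$tablepre}question_1 SET supplement='{$supplement}' WHERE qid={$qid}");

// Where to go after the edit. backurl comes from the client, so it is followed
// only when it stays on this site; anything else falls back to the default
// list page instead of redirecting the administrator to an arbitrary URL.
$default_url = 'admin.php?admin_action=ques_sort';
$referer = (isset($_POST['backurl']) && is_string($_POST['backurl'])) ? $_POST['backurl'] : '';
if (empty($referer)) {
    $referer = $default_url;
} else {
    $parts = parse_url($referer);
    $scheme = (is_array($parts) && isset($parts['scheme'])) ? strtolower($parts['scheme']) : '';
    $host = (is_array($parts) && isset($parts['host'])) ? strtolower($parts['host']) : '';
    // Host the request arrived on, without a trailing :port.
    $own_host = isset($_SERVER['HTTP_HOST']) ? strtolower(preg_replace('/:\d+$/', '', $_SERVER['HTTP_HOST'])) : '';
    $is_local = is_array($parts)
        // Control characters, spaces and backslashes are rewritten by
        // browsers and can turn a "relative" value into an absolute one.
        && !preg_match('/[\x00-\x20\x7f\\\\]/', $referer)
        // Scheme-relative targets (//host/...) are never accepted.
        && substr($referer, 0, 2) !== '//'
        && ($scheme === '' || $scheme === 'http' || $scheme === 'https')
        // A scheme without a host (e.g. "https:example") is ambiguous.
        && ($scheme === '' || $host !== '')
        && ($host === '' || $host === $own_host);
    if (!$is_local) {
        $referer = $default_url;
    }
}
header("location:{$referer}");
// Stop after the redirect so nothing further is executed or sent.
exit;
// The brace below closes the submit branch opened before this excerpt.
} else {
    // No submit: load the question and its supplement to fill the edit form.
    $qid = intval($_GET['qid']);
    $query = $dblink->query("SELECT qid,sid,sid1,sid2,sid3,title FROM {$tablepre}question WHERE qid={$qid}");
    $row = $dblink->fetch_array($query);
    $query_c = $dblink->query("SELECT supplement FROM {$tablepre}question_1 WHERE qid={$qid}");
    $row_c = $dblink->fetch_array($query_c);
    // NOTE(review): array_merge() needs two arrays; presumably fetch_array()
    // returns a non-array when qid matches no row -- confirm and handle that case.
    $row = array_merge($row, $row_c);
    $sid = $row['sid'];
    if ($sid) {
        // $sid was read back from the question table, not from the request.
        $query = $dblink->query("SELECT * FROM {$tablepre}sort WHERE sid={$sid}");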
Date: 2007/4/23 */
// Bookmark ("collect") page: saves a URL with title, notes and category for
// the logged-in user, or prepares the form when nothing was submitted.
define('CURSCRIPT', 'collect');
// 7 = E_ERROR | E_WARNING | E_PARSE, so notices are not reported.
error_reporting(7);
require_once './include/common.inc.php';
$title = $site_name;
// Only logged-in users (non-empty $cyask_uid) may use this page.
if (!$cyask_uid) {
    $url = get_referer();
    show_message('user_nologin', '');
    exit;
}
if ($command == 'collect') {
    // The insert runs only when check_submit() accepts the submit flag and
    // form hash from the POST body.
    if (check_submit($_POST['collectsubmit'], $_POST['formhash'])) {
        $collect_url = trim($_POST['collect_url']);
        $collect_title = trim($_POST['collect_title']);
        $collect_content = empty($_POST['content']) ? '' : filters_content($_POST['content']);
        $sortname = $_POST['sortname'];
        $ctype = $_POST['ctype'];
        $public = $_POST['public'];
        // NOTE(review): sortname, ctype, public, collect_url and collect_title
        // reach the SQL text with at most trim() applied in this file. That is
        // only safe if common.inc.php escapes $_POST globally -- confirm, and
        // otherwise escape or bind each value here. collect_url is also stored
        // as given; presumably it is later rendered as a link, so its scheme
        // should be checked on output -- verify.
        $dblink->query("INSERT INTO {$dbprefix}collect SET uid={$cyask_uid},username='******',sortname='{$sortname}',ctype='{$ctype}',title='{$collect_title}',content='{$collect_content}',url='{$collect_url}',public='{$public}',collecttime='{$timestamp}'");
        // NOTE(review): the target passed to show_message() comes straight from
        // the request; show_message() is defined elsewhere -- confirm it does
        // not redirect to or print this value without validation.
        $url = $_POST['url'];
        show_message('collect_succeed', $url);
        exit;
    } else {
        // check_submit() rejected the request.
        show_message('url_error', './');
        exit;
    }
} else {
    // No submission: pick the URL to pre-fill, preferring a posted neturl,
    // then neturl from the query string, then the referring page.
    $url = get_referer();
    $neturl = empty($_POST['neturl']) ? trim($_GET['neturl']) : trim($_POST['neturl']);
    $collect_url = empty($neturl) ? $url : $neturl;
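"><?php echo $lang['weiye']; ?> </a> </td></tr> </table> </td></tr> </table> </td></tr> </table> <?php
    admin_footer();
    exit;
} elseif ($admin_action == 'answer_edit') {
    // Admin action: edit the text of one answer. A POST with
    // ctype=edit_submit saves the change; anything else shows the edit form.
    // NOTE(review): the save is gated only on ctype; no form-hash or other
    // anti-CSRF check is visible in this excerpt -- confirm one runs earlier
    // in admin.php before this branch is reached.
    if ($_POST['ctype'] == 'edit_submit') {
        // NOTE(review): assumes filters_content() returns text that is safe
        // inside a quoted SQL literal -- verify against its definition.
        $answer = filters_content($_POST['answer']);
        $aid = intval($_POST['aid']);
        $dblink->query("UPDATE {$dbprefix}answer SET answer='{$answer}' where aid={$aid}");
        // backaction and page come from the client; URL-encode them so a
        // crafted value cannot add or override parameters in the redirect.
        $back_action = (isset($_POST['backaction']) && is_string($_POST['backaction'])) ? rawurlencode($_POST['backaction']) : '';
        $back_page = (isset($_POST['page']) && is_string($_POST['page'])) ? rawurlencode($_POST['page']) : '';
        header("location:admin.php?admin_action={$back_action}&page={$back_page}");
        // Stop after the redirect so nothing further is executed or sent.
        exit;
    } else {
        $aid = intval($_GET['aid']);
        $query = $dblink->query("SELECT * FROM {$dbprefix}answer WHERE aid={$aid}");
        $row = $dblink->fetch_array($query);
        // Convert the stored answer back to its editable form, then
        // HTML-escape it before it is written into the page.
        $row['answer'] = filters_outcontent($row['answer']);
        $row['answer'] = htmlspecialchars($row['answer']);
        admin_header();
        ?> <table cellspacing="1" cellpadding="0" width="760" align="center" class="tableborder"> <tr><td> <table border="0" cellspacing="0" cellpadding="4" width="100%"> <tr class="header"><td height="22"><?php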